Cookies along the way.

RSS FTW

Social

Contact

Search

Recently, I signed a petition to the White House asking the President to publicly affirm his support for strong encryption. The official response was:

Thank you for signing the petition on strong encryption and speaking out on this important national debate. As the President has said, “There’s no scenario in which we don’t want really strong encryption.” It is critical that the government, the private sector, and other experts regularly engage to understand the impacts of encryption on national security, public health and safety, economic competitiveness, privacy, cybersecurity, and human rights around the world.

This conversation about encryption is also part of a broader conversation about what we, as a nation, can do to fight terrorism as it evolves online. That is why, in his address to the nation on Sunday, the President reiterated the Administration’s call for America’s technology community and law enforcement and counter-terrorism officials to work together to fight terrorism. American technologists have a unique perspective that makes them essential in finding new ways to combat it. They are the best and most creative in the world, and we need them to bring their expertise, innovation, and creativity to bear against the threat of terrorism.

This week, administration officials will sit down with the creators of this petition to hear directly from them about their priorities and concerns.

This is a critical conversation, and we want to hear from as many voices as we can.

Thanks again for your participation in We the People.

Ed Felten
Deputy U.S. Chief Technology Officer

Michael Daniel
Special Assistant to the President and Cybersecurity Coordinator

This was my response:

My concerns regarding strong encryption are largely captured by the recently published “Keys Under Doormats” paper by Harold Abelson, et. al from MIT. I agree with their three main points that requiring a backdoor/weakening encryption is counter to the current trend in making the Internet more secure, adds complexity, and increases the potential for security breaches.

Encryption is an important tool to increase the security of data. With recent security breaches, such as the one from the Office of Personnel Management and other private companies, it’s evident that we as an industry and as a nation need to improve our security technology, not weaken it.

I recognize the claim by law enforcement that encryption is frustrating them. As “Keys Under Doormats” suggests however, there are many practical and technological reasons why weakening encryption is not the answer. I’d like to provide an additional moral one. As a Navy and Afghanistan veteran, I volunteered to serve this country because I believe in the core American values. By weakening our encryption technologies, we would not only cause damage to our our digital protection systems but we would compromise our core believe in freedom out of an understandable, but largely sensational, feeling of fear.

Since upgrading to Ubuntu 15.04, I’ve been living with systemd. I’ve been a Debian user mainly and was wary of the doom-and-gloom comments about systemd but actually, I’ve been a bit impressed with it so far. One thing that is undeniably easier with systemd is writing what System V init sytems called init scripts. In systemd they are known as service files.

Anyway, I usually run emacs as daemon and I had the idea that emacs could run as a systemd service! Immediately I fell into the trap that Umberto Eco describes:

there are two laws no human being can escape: the first idea that comes into a person’s mind will be the most obvious one; and, having had an obvious idea, nobody ever thinks that others may have had the same idea before.

So yes, there plenty of systmed emacs service files out there, but this one is mine.

The main difference from my config is that I’ve added the GPG_AGENT_INFO data so that emacs can uses GPG agent. I run keychain so my ssh-agent and gpg-agent are launched at login. There are probably nicer ways to pass the environment variables. This only works if you user ID is 1000, which it most likely will be if you are the first user. Just check the output of id -u and change the 1000 to whatever it says and it will probably work.

Lastly, I run this service as a user so I put the file in ~/.config/systemd/user/emacs.service and then did:

As Cohen’s work reminds us, printed books are mostly private pleasures, lonely ones even. Unlike so much media today, they don’t target, watch, or measure us; they don’t flatter us with personalized stories based on accumulated data profiles (not yet, at least). But even as this essentially analog quality has convinced us that novels are doomed to be political dead zones, it has become one of their newfound attractions. “If you’re reading this on a screen, fuck off,” goes Book of Numbers’ opening line.

Cookies on websites both suck and are incredibly useful. They are useful because it’s convenient to not have to re-enter usernames and other stateful pieces of data. They suck because cookies are used to track you and they remember things that the website considers useful but you may not.

By the way, if you don’t have the EFF’s Privacy Badger extension installed, go install it. Privacy badger does care.

Let’s say you like to read the NYTimes but you may find that the 10 article limit per month to be a bit restrictive. After all, you go to your local library and read the gray lady there but sometimes well, you also re-read them online. But instead of reading the article you receive a bunch of indistinguishable-from-malware popups about reading more than 10 articles per month. How to get rid of them?

Well, you can just go clear your cookies in Chrome/Chromium. But chrome stores cookies in a SQLite database so you could make a script to go into the database, and remove offending entries. If you were to go and do that, say on Linux, you might end up with a SQL file like this:

delete from cookies where host_key LIKE '%nytimes%';

If that file was called nomnomnom.sql, you could have a script called nomnomnom.sql that did